diff options
| author | Mark Murray <markm@FreeBSD.org> | 1999-07-19 18:17:54 +0000 |
|---|---|---|
| committer | Mark Murray <markm@FreeBSD.org> | 1999-07-19 18:17:54 +0000 |
| commit | f95d9a7c6cca9f7c2e59871e7c109589902721c0 (patch) | |
| tree | 9d5b31e69b110049867c6316d2c01e2f1c9e43d9 /contrib/perl5/lib | |
| parent | ba8860241dc595916aeb67f6b25237bed79a201d (diff) | |
Fix a problem where commands in backticks `` wont get executed in taint
mode because of an insecure path.
Reported by: George Cox
Notes
Notes:
svn path=/head/; revision=48910
Diffstat (limited to 'contrib/perl5/lib')
| -rw-r--r-- | contrib/perl5/lib/Sys/Hostname.pm | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/contrib/perl5/lib/Sys/Hostname.pm b/contrib/perl5/lib/Sys/Hostname.pm index 95f9a99a7abf..f8e90959f473 100644 --- a/contrib/perl5/lib/Sys/Hostname.pm +++ b/contrib/perl5/lib/Sys/Hostname.pm @@ -93,14 +93,20 @@ sub hostname { # method 3 - trusty old hostname command || eval { + $pathstack = $ENV{'PATH'}; + $ENV{'PATH'} = "/bin:/usr/bin"; local $SIG{__DIE__}; $host = `(hostname) 2>/dev/null`; # bsdish + $ENV{'PATH'} = $pathstack; } # method 4 - sysV uname command (may truncate) || eval { + $pathstack = $ENV{'PATH'}; + $ENV{'PATH'} = "/bin:/usr/bin"; local $SIG{__DIE__}; $host = `uname -n 2>/dev/null`; ## sysVish + $ENV{'PATH'} = $pathstack; } # method 5 - Apollo pre-SR10 |